+ マイクロソフト セキュリティ アドバイザリ 3033929 Windows 7 および Windows Server 2008 R2 で SHA-2 コード署名サポートを利用可能
https://technet.microsoft.com/ja-jp/library/security/3033929
+ UPDATE: マイクロソフト セキュリティ アドバイザリ 3046015 Schannel の脆弱性により、セキュリティ機能のバイパスが起こる
https://technet.microsoft.com/ja-jp/library/security/3046015
+ UPDATE: マイクロソフト セキュリティ アドバイザリ 2949927 Windows 7 および Windows Server 2008 R2 で SHA-2 ハッシュ アルゴリズムを利用可能
https://technet.microsoft.com/ja-jp/library/security/2949927
+ UPDATE: マイクロソフト セキュリティ アドバイザリ (2755801) Internet Explorer 上の Adobe Flash Player の脆弱性に対応する更新プログラム
https://technet.microsoft.com/ja-jp/library/security/2755801
+ RHSA-2015:0674 Important: kernel security and bug fix update
https://rhn.redhat.com/errata/RHSA-2015-0674.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369
+ CESA-2015:0672 Moderate CentOS 6 bind Security Update
http://lwn.net/Alerts/636241/
+ UPDATE: Cisco Secure Access Control System SQL Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150211-csacs
+ UPDATE: Row Hammer Privilege Escalation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150309-rowhammer
+ UPDATE: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl
+ Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0654
+ Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Cisco Expressway, and Cisco TelePresence Conductor
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-vcs
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0653
+ UPDATE: Multiple Vulnerabilities in ntpd Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd
+ HS15-007 Multiple Vulnerabilities in JP1/Cm2/Network Node Manager i
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-007/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
+ HS15-006 Cross-site Scripting Vulnerability in Hitachi IT Operations Analyzer
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-006/index.html
+ HS15-007 JP1/Cm2/Network Node Manager iにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-007/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
+ HS15-006 Hitachi IT Operations Analyzerにおけるクロスサイトスクリプティングの脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-006/index.html
+ DoS/PoC: Microsoft Windows Text Services Memory Corruption (MS15-020)
http://www.exploit-db.com/exploits/36336
+ SA63336 libssh2 "kex_agree_methods()" Denial of Service Vulnerability
http://secunia.com/advisories/63336/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782
+ SA63343 Linux Kernel Xen PCI Non-Maskable Interrupt Denial of Service Vulnerability
http://secunia.com/advisories/63343/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2150
+ SA63402 Opera Multiple Vulnerabilities
http://secunia.com/advisories/63402/
Java SE 7のサポート終了間近、脆弱性が放置される危険な状態に
http://itpro.nikkeibp.co.jp/atcl/news/15/031100881/?ST=security
Wikimedia財団と人権NGOなど、NSAを憲法違反で提訴
http://itpro.nikkeibp.co.jp/atcl/news/15/031100880/?ST=security
シマンテック、IoTセキュリティでニフティとの協業事例を説明
http://itpro.nikkeibp.co.jp/atcl/news/15/031100877/?ST=security
JVNVU#98897821 Telerik Analytics Monitor ライブラリに DLL ハイジャックが可能な脆弱性
http://jvn.jp/vu/JVNVU98897821/
DoS/PoC: Foxit Products GIF Conversion Memory Corruption (LZWMinimumCodeSize)
http://www.exploit-db.com/exploits/36334
DoS/PoC: Foxit Products GIF Conversion Memory Corruption (DataSubBlock)
http://www.exploit-db.com/exploits/36335
0 件のコメント:
コメントを投稿